github.com/celestiaorg/celestia-node@v0.15.0-beta.1/nodebuilder/node/auth.go (about)

     1  package node
     2  
     3  import (
     4  	"crypto/rand"
     5  	"io"
     6  
     7  	"github.com/cristalhq/jwt"
     8  
     9  	"github.com/celestiaorg/celestia-node/libs/keystore"
    10  )
    11  
// SecretName is the keystore key name under which the node's JWT secret
// is stored and looked up.
var SecretName = keystore.KeyName("jwt-secret.jwt")
    13  
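// secret returns a JWT signer backed by the node's secret. If the keystore
// already holds a secret under SecretName it is reused; otherwise a fresh
// 32-byte secret is read from crypto/rand, saved to the keystore and used.
//
// The secret is an HS256 (HMAC) key: the same bytes that sign tokens also
// verify them, so anyone able to read the keystore entry can mint tokens
// the node will accept. Access to the keystore should be restricted
// accordingly.
//
// NOTE(review): existing reports "not found" for every keystore error, so a
// failed read (not only a missing key) falls through to generating a new
// secret. Whether Put then overwrites or rejects the entry depends on the
// keystore implementation — confirm; replacing the secret would invalidate
// every token issued under the old one.
func secret(ks keystore.Keystore) (jwt.Signer, error) {
	// secretSize is the length in bytes of a newly generated secret.
	const secretSize = 32

	// Reuse the stored secret when there is one.
	if pk, ok := existing(ks); ok {
		return jwt.NewHS256(pk)
	}

	// Otherwise generate a new one. io.ReadFull returns an error on a short
	// read, so a truncated key can never be stored or used for signing
	// (io.ReadAll over a LimitReader would have accepted it silently).
	sk := make([]byte, secretSize)
	if _, err := io.ReadFull(rand.Reader, sk); err != nil {
		return nil, err
	}

	// Persist before handing out a signer, so the signer is only returned
	// for a secret that has been saved.
	if err := ks.Put(SecretName, keystore.PrivKey{Body: sk}); err != nil {
		return nil, err
	}

	return jwt.NewHS256(sk)
}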
    34  
// existing fetches the JWT secret stored under SecretName. It returns the
// raw key bytes and true when the keystore lookup succeeds, and nil and
// false when the lookup returns any error.
//
// NOTE(review): the lookup error is discarded, so the caller cannot tell a
// missing key from a keystore that failed to read it.
func existing(ks keystore.Keystore) ([]byte, bool) {
	stored, err := ks.Get(SecretName)
	if err == nil {
		return stored.Body, true
	}
	return nil, false
}